If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

BUT is here the reality of a power grid network...had that computer been attached to the power grid and all grids are based on a network...once you gain entrance to any network a hacker can then work his way easily to the controlling network of power grids as they car inherently also connected to the power company management network for things like email....and computer updates.....

Take it from someone who works with power companies here in Europe...easy easy easy once you have a single infected computer on any network.....

And surprise surprise most of the power grid hacks conducted by Russians here in Europe come via email phishing....so much more needs to be done on the security education of the end users....

BTW...this was the entrance method for the election hacks of DNC....and the three State voting databases....just need one single inflected computer these days...

Since May, hackers have been penetrating the computer networks of companies that operate nuclear power stations and other energy facilities, as well as manufacturing plants in the United States and other countries.
Among the companies targeted was the Wolf Creek Nuclear Operating Corporation, which runs a nuclear power plant near Burlington, Kan., according to security consultants and an urgent joint report issued by the Department of Homeland Security and the Federal Bureau of Investigation last week.
The joint report was obtained by The New York Times and confirmed by security specialists who have been responding to the attacks. It carried an urgent amber warning, the second-highest rating for the sensitivity of the threat.
The report did not indicate whether the cyberattacks were an attempt at espionage — such as stealing industrial secrets — or part of a plan to cause destruction. There is no indication that hackers were able to jump from their victims’ computers into the control systems of the facilities, nor is it clear how many facilities were breached.

WASHINGTON — The cybersecurity company FireEye says in a new report to private clients, obtained exclusively by NBC News, that hackers linked to North Korea recently targeted U.S. electric power companies with spearphishing emails.
The emails used fake invitations to a fundraiser to target victims, FireEye said. A victim who downloaded the invitation attached to the email would also be downloading malware into his or her computer network, according to the FireEye report. The company did not dispute NBC's characterization of the report, but declined to comment.
There is no evidence that the hacking attempts were successful, but FireEye assessed that the targeting of electric utilities could be related to increasing tensions between the U.S. and North Korea, potentially foreshadowing a disruptive cyberattack.

The Department of Homeland Security and Federal Bureau of Investigation warned in a report distributed by email late on Friday that the nuclear, energy, aviation, water and critical manufacturing industries have been targeted along with government entities in attacks dating back to at least May.
The agencies warned that hackers had succeeded in compromising some targeted networks, but did not identify specific victims or describe any cases of sabotage.

Extremist Content and Russian Disinformation Online

The full title is 'Extremist Content and Russian Disinformation Online: Working with Tech to Find Solutions' and the author, Clint Watts (Forum member), gave evidence today before the Senate Judiciary Committee, Subcommittee on Crime and Terrorism.

There is much to learn; this sentence IMHO will resonate with Forum readers:

Stopping the false information artillery barrage landing on social media users comes only when those outlets distributing bogus stories are silenced – silence the guns and the barrage will end.

(He ends with) America’s war with itself has already begun. We all must act now on the social media battlefield to quell information rebellions that can quickly lead to violent confrontations and easily transform us into the Divided States of America.

Dodged a cyber bullet here

FBI Director Chris Wray and a team of security officials told the Senate Intelligence Committee on Tuesday that Huawei and ZTE pose threats to the US.

That position of power would allow Huawei or ZTE "the capacity to exert pressure or control over our telecommunications infrastructure, it provides the capacity to maliciously modify or steals information and provides the capacity to conduct undetected espionage."
He commended AT&T and Verizon for heeding the government's warnings regarding Huawei, which led to the Mate 10 Pro not getting carrier support in the US.

Senior U.S. and British officials on Monday blamed the Russian government for coordinated cyberattacks against internet infrastructure worldwide in an effort to conduct espionage and intellectual property theft.

Officials said that Russian hackers have been conducting a months-long cyber campaign against network devices used by government organizations, private industry and critical infrastructure operators. The hackers have tried to breach routers, switches and firewalls in an effort to breach organizations across the globe, officials said.

Chinese spies linked to decade-long hacking campaign

Temporary stand-alone thread until everyone who needs to see this has seen it.

China's long-running hacking efforts may be more extensive than first thought. Security researchers at ProtectWise's 401TRG team have determined that a long series of previously unconnected attacks are actually part of a concerted campaign by Chinese intelligence officials. Nicknamed the Winnti umbrella, the effort has been going on since "at least" 2009 and has struck game companies (like Nexon and Trion) and other tech-driven businesses to compromise political targets.

There are common methods and goals to the attacks. They usually start with phishing to trick someone into compromising the company network (often using political bait), and then use a mix of custom and off-the-shelf malware to collect info. They'll often stay undetected by "living off the land" with the victim's own software, such as system admin tools. The intuders are primarily looking for code signing certificates and "software manipulation," according to the report.

The perpetrators also make occasional mistakes, and it's those slip-ups that helped identify the Chinese origins. They normally use command-and-control servers to hide, but they inadvertently accessed some machines using IP addresses from China Unicom's network in a Beijing district.

Even with these mistakes, the Winnti umbrella is an "advanced and potent threat," 401TRG said. It's also a not-so-subtle reminder that China's state-backed hacking efforts are deeper than they seem at first glance -- hacks that appear to be one-off incidents may be linked if you look for subtler similarities.

Chinese government hackers have compromised the computers of a Navy contractor, stealing massive amounts of highly sensitive data related to undersea warfare — including secret plans to develop a supersonic anti-ship missile for use on U.S. submarines by 2020, according to American officials.
The breaches occurred in January and February, the officials said, speaking on the condition of anonymity to discuss an ongoing investigation. The hackers targeted a contractor who works for the Naval Undersea Warfare Center, a military organization headquartered in Newport, R.I., that conducts research and development for submarines and underwater weaponry.

China-based hacking campaign is said to have breached satellite, defense companies

A hacking campaign launched from computers in China breached satellite operators, defense contractors and telecommunications companies in the U.S. and Southeast Asia, according to Symantec.
Researchers at the company said they could not say what communications, if any, were taken.
But they said the hackers infected computers that controlled satellites, so that they could have changed the positions of the orbiting devices and disrupted data traffic.

WASHINGTON — The Department of Homeland Security told representatives of electric utilities Monday about a round of efforts by Russian hackers last year to target control systems for electric power plants and grids.

In an unclassified webinar, DHS officials said the hackers last summer got access to vendors who provide computer services to electric utilities, and used that to provide a way into power company control systems.

WASHINGTON (AP) — North Korea’s nuclear and missile tests have stopped, but its hacking operations to gather intelligence and raise funds for the sanction-strapped government in Pyongyang may be gathering steam.

U.S. security firm FireEye raised the alarm Wednesday over a North Korean group that it says has stolen hundreds of millions of dollars by infiltrating the computer systems of banks around the world since 2014 through highly sophisticated and destructive attacks that have spanned at least 11 countries. It says the group is still operating and poses “an active global threat.”

Nested on the servers’ motherboards, the testers found a tiny microchip, not much bigger than a grain of rice, that wasn’t part of the boards’ original design. Amazon reported the discovery to U.S. authorities, sending a shudder through the intelligence community. Elemental’s servers could be found in Department of Defense data centers, the CIA’s drone operations, and the onboard networks of Navy warships. And Elemental was just one of hundreds of Supermicro customers.

During the ensuing top-secret probe, which remains open more than three years later, investigators determined that the chips allowed the attackers to create a stealth doorway into any network that included the altered machines. Multiple people familiar with the matter say investigators found that the chips had been inserted at factories run by manufacturing subcontractors in China.

This attack was something graver than the software-based incidents the world has grown accustomed to seeing. Hardware hacks are more difficult to pull off and potentially more devastating, promising the kind of long-term, stealth access that spy agencies are willing to invest millions of dollars and many years to get.

(Natural News) In the name of scientific “progress,” Newcastle’s Freeman Hospital in the United Kingdom recently tried to pioneer the use of a surgical robot that it tasked with repairing a patient’s damaged heart valve, only to have the machine go completely bonkers and ultimately kill the man on the operating table.

According to reports, this first-time-use robot not only physically assaulted a living medic while attempting to conduct its programmed surgery, but also implanted stitches into the patient’s heart in a manner that physicians present during the fiasco described as not being in “an organised fashion.”

A situation that can only be described as total chaos, with human surgeons, doctors, and nurses having to scream at each other in order to overcome the “tinny” sound coming from the robot as they were trying to control it, the attempted surgery ended up being nothing short of a complete failure. And in the end, retired music teacher and conductor, Stephen Pettitt, the guinea pig patient in this medical experiment, ultimately lost his life.

A scrimmage in a Border Station
A canter down some dark defile
Two thousand pounds of education
Drops to a ten-rupee jezail

I was puzzled at now spotting this story in the UK media and on looking there are a number of reports. First this has become public as thee is a coroners inquest underway and second the actual death was in March 2015 - 3.5yrs ago (the operation was in February 2015). That is a long time to wait for an inquest (not that far more political and contentious matters can wait a very long time for an inquest).